Sr. Software Engineer - Secure Software Developer

  • T-Mobile
  • Bellevue, Washington

Job Description

STUFF WE'LL TRUST YOU WITH YOUR RESPONSIBILITIES Identify opportunities within development teams and across the enterprise to create secure reusable code libraries and services Develop and deliver reusable libraries, code snippets, services, etc. to reduce complexity for development teams and increase overall enterprise security Develop and promote industry leading security standard Design product instrumentation and test automation Assist with writing formal specifications and documentation for delivered code Assist with developer education in secure coding concepts Provide deep guidance about the nuances of programming and scripting languages: Java, Python, .net, Go, JavaScript and TypeScript Deconstruct libraries and services and identify design-level issues as well as side-channel attacks

STUFF YOU TELL PEOPLE AT PARTIES YOUR QUALIFICATIONS Extensive experience software coding and scripting with one or more of the following languages: Java, Python, .net, GO, JavaScript and TypeScript variants Deep understanding of one or more of the following languages at the design and implementation level: Java, Python, .net, GO, JavaScript and TypeScript variants Deep experience working with web services (SOAP and REST), and supporting data formats (JSON, XML). Thorough understanding of coding concepts such as: authentication mechanisms, data serialization, data structures and algorithms, data transfer, memory handling and pointers Thorough understanding of application architectures such as: n-tier, client and server, API, microservice, etc. Experience with agile software development practices Understanding of both application and network layer security considerations and how to fix them such as: buffer overflow, time of check vs time of use, input validation, encapsulation, insecure protocols, man-in-the-middle, injection attacks, etc. Excellent verbal, written, and interpersonal communications skills Ability to work both as a team member and independently Have obtained one of the following certificates is a plus:Certified Information Systems Security Professional (CISSP) CCSK/CCSP/AWS Dev or SysOps Associate GIAC *LI-KM3 Digital Security